Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- // NewUserAccount is used to create a new user account
- func (um *UserManager) NewUserAccount(username, password, email string, enterpriseEnabled bool) (*User, error) {
- user, err := um.FindByEmail(email)
- if err == nil {
- return nil, errors.New("email address already taken")
- }
- user, err = um.FindByUserName(username)
- if err == nil {
- return nil, errors.New("username is already taken")
- }
- hashedPass, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
- if err != nil {
- return nil, err
- }
- user = &User{
- UserName: username,
- EnterpriseEnabled: enterpriseEnabled,
- HashedPassword: hex.EncodeToString(hashedPass),
- EmailAddress: email,
- AccountEnabled: true,
- APIAccess: true,
- AdminAccess: false,
- Credits: 99999999, // this is temporary and will need to be removed before production
- }
- if check := um.DB.Create(user); check.Error != nil {
- return nil, check.Error
- }
- return user, nil
- }
- // SignIn is used to authenticate a user, and check if their account is enabled.
- // Returns bool on succesful login, or false with an error on failure
- func (um *UserManager) SignIn(username, password string) (bool, error) {
- var user User
- if check := um.DB.Where("user_name = ?", username).First(&user); check.Error != nil {
- return false, check.Error
- }
- if !user.AccountEnabled {
- return false, errors.New("account is disabled")
- }
- validPassword, err := um.ComparePlaintextPasswordToHash(username, password)
- if err != nil {
- return false, err
- }
- if !validPassword {
- return false, errors.New("invalid password supplied")
- }
- return true, nil
- }
- // ComparePlaintextPasswordToHash is a helper method used to validate a users password
- func (um *UserManager) ComparePlaintextPasswordToHash(username, password string) (bool, error) {
- var user User
- if check := um.DB.Where("user_name = ?", username).First(&user); check.Error != nil {
- return false, check.Error
- }
- passwordBytes, err := hex.DecodeString(user.HashedPassword)
- if err != nil {
- return false, err
- }
- err = bcrypt.CompareHashAndPassword(passwordBytes, []byte(password))
- if err != nil {
- return false, err
- }
- return true, nil
- }
Add Comment
Please, Sign In to add comment